package com.health.system.springSecurity;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import com.health.system.javacommon.util.FileManagerService;
import com.health.system.model.system.Permission;
import com.health.system.service.system.PermissionManager;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;

/**
 * <p>title:加载所有的权限配置</p>
 * <p>Description:要实现FilterInvocationSecurityMetadataSource类</p>
 * Copyright: Copyright (c) 2011-04 
 * Company: 
 * 
 * @author 
 * @version 1.8 
 */

public class MyInvocationSecurityMetadataSource implements
		FilterInvocationSecurityMetadataSource {

	private UrlMatcher urlMatcher = new AntUrlPathMatcher();;
	public static Map<String, Collection<ConfigAttribute>> resourceMap = null;
	private PermissionManager permissionManager;
	public static String menus;

	public MyInvocationSecurityMetadataSource() {
		if (menus == null) {
			menus = FileManagerService.getContent("menu/admin.json");
			menus = FileManagerService.trimSpace(menus);
		}
	}

	/**
	 * 项目部署时加载所有URL及其对应的权限
	 */
	private void loadResourceDefine() {
		if (resourceMap == null) {
			resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
			List<Permission> list = permissionManager
					.selectPermissionMenuAndAction();
			if (list != null) {
				for (Permission permission : list) {
					Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
					String name = permission.getName();
					if (name != null) {
						ConfigAttribute configAttribute = new SecurityConfig(
								name);
						configAttributes.add(configAttribute);
						resourceMap.put(permission.getResource(),
								configAttributes);
					}
				}
			}
		}
	}

	/*
	 * (non-Javadoc) 返回用户访问的资源所需的权限信息.object:访问的对象
	 * 
	 * @see org.springframework.security.access.SecurityMetadataSource#getAttributes(java.lang.Object)
	 */
	public Collection<ConfigAttribute> getAttributes(Object object)
			throws IllegalArgumentException {
		String requestURL = ((FilterInvocation) object).getRequestUrl().split("\\?")[0];
		if (resourceMap == null) {
			loadResourceDefine();
		}
		Iterator<String> iterator = resourceMap.keySet().iterator();
		while (iterator.hasNext()) {
			String resourceURL = iterator.next();
			if (resourceURL != null) {
				if (urlMatcher.pathMatchesUrl(requestURL, resourceURL)) {
					return resourceMap.get(resourceURL);
				}
			}
		}
		return null;
	}

	/**
	 * 刷新内存，后台权限资源有所更改，调用该static方法进行刷新内存.
	 */
	private static void reFresh() {
		resourceMap = null;
	}

	public boolean supports(Class<?> clazz) {
		return true;
	}

	public Collection<ConfigAttribute> getAllConfigAttributes() {
		return null;
	}

	public void setPermissionManager(PermissionManager permissionManager) {
		this.permissionManager = permissionManager;
	}

}